{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-11-03T17:00:00.000Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#41032068", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN41032068/index.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mtcms.jp/news/product/201110131921.html"}, {"name": "JVNDB-2011-000093", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2011-3993", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVN#41032068", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN41032068/index.html"}, {"name": "http://www.mtcms.jp/news/product/201110131921.html", "refsource": "CONFIRM", "url": "http://www.mtcms.jp/news/product/201110131921.html"}, {"name": "JVNDB-2011-000093", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:53:32.599Z"}, "title": "CVE Program Container", "references": [{"name": "JVN#41032068", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN41032068/index.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mtcms.jp/news/product/201110131921.html"}, {"name": "JVNDB-2011-000093", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2011-3993", "datePublished": "2011-11-03T17:00:00.000Z", "dateReserved": "2011-10-05T00:00:00.000Z", "dateUpdated": "2024-09-16T22:25:41.565Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:skyarc:autotagging:*:*:*:*:*:*:*:*", "matchCriteriaId": "700A3014-4DD6-4694-A83E-C04267951C07", "versionEndIncluding": "0.08", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:duplicateentry:*:*:*:*:*:*:*:*", "matchCriteriaId": "943E5640-4B68-417A-B9DC-961029EBB604", "versionEndIncluding": "1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mailpack:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6C36983-9CA0-4705-BBB2-77EFA831460A", "versionEndIncluding": "1.741", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:*:*:*:*:*:*:*:*", "matchCriteriaId": "59C8DD6E-6645-43BC-8C62-7CBB750DB9D7", "versionEndIncluding": "5.251", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D5A177C-9E80-4FBF-A443-8429142C0963", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.21:*:*:*:*:*:*:*", "matchCriteriaId": "8A7E0117-F13D-48E5-A859-7C87C6F0FAA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.22:*:*:*:*:*:*:*", "matchCriteriaId": "B926DF53-7927-40E9-8565-F00BDFE06909", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.23:*:*:*:*:*:*:*", "matchCriteriaId": "BE6725E4-D378-4EA6-983F-9C00A02F8B56", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.24:*:*:*:*:*:*:*", "matchCriteriaId": "8A3CD3BC-4D14-4924-8C9D-6F9046CAB9FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.24:*:enterprise:*:*:*:*:*", "matchCriteriaId": "D17F47AC-2B96-4D1B-932F-95E6852D7217", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.24:*:smart:*:*:*:*:*", "matchCriteriaId": "7B0CB190-C55D-4D58-9A64-A23D3C106B99", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.25:*:*:*:*:*:*:*", "matchCriteriaId": "DC5216DB-FE4C-486D-8597-6BBE2AE0D01F", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.25:*:enterprise:*:*:*:*:*", "matchCriteriaId": "58360AF1-8638-4B63-9655-702DFCA8F872", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.25:*:smart:*:*:*:*:*", "matchCriteriaId": "5DBDC0FD-7679-4503-AAF2-01DD31FB1A00", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.251:*:enterprise:*:*:*:*:*", "matchCriteriaId": "33D411B2-A032-451F-868A-4FBE2D6A0352", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:mtcms:5.251:*:smart:*:*:*:*:*", "matchCriteriaId": "820F9FD8-6948-4DC2-ADFF-E69CC758C6CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:skyarc:multifileuploader:*:*:*:*:*:*:*:*", "matchCriteriaId": "89E4A66A-36C7-484E-B1C5-E8CB296A679A", "versionEndIncluding": "0.44", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad en plugins SKYARC MTCMS anterior a v5.252, y en MultiFileUploader v0.44 y anteriores, DuplicateEntry v1.2 y anteriores, MailPack v1.741 y anteriores, y AutoTagging v0.08 y anteriores para Movable Type utiliza permisos d\u00e9biles, lo que permite a usuarios remotos autenticados modificar ficheros y par\u00e1metros de configuraci\u00f3n a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2011-3993", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-11-03T17:55:01.780", "references": [{"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN41032068/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093"}, {"source": "vultures@jpcert.or.jp", "url": "http://www.mtcms.jp/news/product/201110131921.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvn.jp/en/jp/JVN41032068/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mtcms.jp/news/product/201110131921.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}